Hi @jochen.walz,
Yes, it is possible to add a custom claim to the access token if they have a specific role assigned.
Something like the following could work:
exports.onExecutePostLogin = async (event, api) => {
const namespace = 'https://myapp.example.com';
if (event.authorization.roles.includes('admin'))) {
// Set claims in access token
api.accessToken.setCustomClaim(`${namespace}/role`, "admin");
}
};
Reference: Adding custom claims to tokens
Let me know if there’s anything else I can do to help.
Thanks,
Rueben